fix: security vulnerability SSRF

This commit is contained in:
vran 2022-07-28 23:06:35 +08:00
parent 4df8f9b93e
commit a8529b848c
1 changed files with 4 additions and 3 deletions
core/src/main/java/com/databasir/core/infrastructure/driver

View File

@ -60,7 +60,7 @@ public class DriverResources {
try { try {
Files.createDirectories(parentDirPath); Files.createDirectories(parentDirPath);
} catch (IOException e) { } catch (IOException e) {
log.error("下载驱动时创建目录失败", e); log.error("create directory for driver failed", e);
throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(e); throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(e);
} }
@ -97,8 +97,9 @@ public class DriverResources {
} }
}); });
} catch (RestClientException e) { } catch (RestClientException e) {
log.error(parentDir + " download driver error", e); String msg = String.format("download driver from %s to %s failed", driverFileUrl, parentDir);
throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(e.getMessage()); log.error(msg, e);
throw DomainErrors.DOWNLOAD_DRIVER_ERROR.exception(msg);
} }
} }